apache authentication via cookies

Enables cookie based authentication with apache.
I needed user authentication for some static files, but couldn't use the method described here as this prompts the user for his credentials, making him log in twice. There is some overhead in the code, because it runs all request middleware components (only session and auth would be needed). All arguments described in the link above are supported.
I use it like this in the apache config:

importosfrommod_pythonimportapachefromdjango.core.handlers.baseimportBaseHandlerfromdjango.core.handlers.modpythonimportModPythonRequestclassAccessHandler(BaseHandler):def__call__(self,req):fromdjango.confimportsettings# set up middlewareifself._request_middlewareisNone:self.load_middleware()# populate the request objectrequest=ModPythonRequest(req)# and apply the middleware to it# actually only session and auth middleware would be needed hereformiddleware_methodinself._request_middleware:middleware_method(request)returnrequestdefaccesshandler(req):os.environ.update(req.subprocess_env)# check for PythonOptions_str_to_bool=lambdas:s.lower()in('1','true','on','yes')options=req.get_options()permission_name=options.get('DjangoPermissionName',None)staff_only=_str_to_bool(options.get('DjangoRequireStaffStatus',"on"))superuser_only=_str_to_bool(options.get('DjangoRequireSuperuserStatus',"off"))settings_module=options.get('DJANGO_SETTINGS_MODULE',None)ifsettings_module:os.environ['DJANGO_SETTINGS_MODULE']=settings_modulerequest=AccessHandler()(req)ifrequest.user.is_authenticated():ifsuperuser_onlyandrequest.user.is_superuser:returnapache.OKelifstaff_onlyandrequest.user.is_staff:returnapache.OKelifpermission_nameandrequest.user.has_perm(permission_name):returnapache.OKreturnapache.HTTP_UNAUTHORIZED

I had to make a few modifications to get it to work for me. First "request.user.is_authenticated()" always comes back as true. I am using IE7 with cookies that expire when the browser window is closed. I solved the problem with the following code:

if request.user.is_anonymous():
return apache.HTTP_UNAUTHORIZED

added before
request.user.is_authenticated().

Next, I am using the code to server static pages through apache. In my httpd.conf file, when I had the line:

SetHandler python-program

The requested ended up being served by django. I was able to get apache to serve the content by replacing that line with:

SetHandler None

My (noob) understanding of apache is that it processes the request in phases and the phase called "handler" is the last phase in the sequence. So the python access handler still gets called, but after that the request processing is completed by apache.

I figured out that somehow multiple req objects were being processed by the handler at the same time, thus giving me multiple copies of the environment. I fixed this by rearranging my Location directives as so:

I'm not familiar at all with the way apache works with mod_python, but this reconfiguration of my httpd.conf makes things work as I expect them to. So I hope this helps save someone else some frustration.